Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00021.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Huawei Technologies Co., Ltd. DP300,NIP6600,Secospace USG6500,TE60,TP3106,VP9660,ViewPoint 8660,ViewPoint 9030,eCNS210_TD,eSpace U1981 affected
Version Status Constraints
DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 affected

Configuration 1 [-]

AND
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*
cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
OR cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
OR cpe:2.3:o:huawei:tp3106_firmware:v100r001c06:*:*:*:*:*:*:*
cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
OR cpe:2.3:o:huawei:vp9660_firmware:v200r001c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:vp9660_firmware:v200r001c30:*:*:*:*:*:*:*
cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*
cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
OR cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*
cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ecns210_td:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:*:*:*:*:*:*:*
cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Huawei Subscribe
Dp300 Subscribe
Dp300 Firmware Subscribe
Ecns210 Td Subscribe
Ecns210 Td Firmware Subscribe
Espace U1981 Subscribe
Espace U1981 Firmware Subscribe
Nip6600 Subscribe
Nip6600 Firmware Subscribe
Secospace Usg6500 Subscribe
Secospace Usg6500 Firmware Subscribe
Te60 Subscribe
Te60 Firmware Subscribe
Tp3106 Subscribe
Tp3106 Firmware Subscribe
Viewpoint 8660 Subscribe
Viewpoint 8660 Firmware Subscribe
Viewpoint 9030 Subscribe
Viewpoint 9030 Firmware Subscribe
Vp9660 Subscribe
Vp9660 Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2017-6779 Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-en cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2024-08-05T19:50:16.498Z

Reserved: 2017-10-14T00:00:00

Link: CVE-2017-15323

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-09T21:29:00.567

Modified: 2024-11-21T03:14:27.800

Link: CVE-2017-15323

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses